eEye Digital Security

"Adobe Flash Player Multiple Vulnerabilities" shows up on the current, Blink-Personal, security checklist (with the "How to Fix" being "Upgrade A_ F_P_ to version 9...", but prior to running this vulnerability assesment, I downloaded version 9.0.47.0 (the latest) from the Adobe site and manually installed it, getting a sub-window indicating a successful installation.   In Control Panel, Add/Remove lists "Adobe Flash Player" and "Support Information" in that list item shows that the version is indeed 9.0.47.0.

It would seem that there is something wrong with this item being in the Blink security checklist.  [There is one wrinkle, however, that I do not understand, and that is that I can find no flash9.ocx file anywhere on C: (which I had a hunch I should find), but I do have a Flash8.ocx file in C:\Windows\system32\Macromed\Flash.]

Anyone's thoughts would be appreciated.

I have the same vulnerability showing up, but don't have flash installed at all.

If you remove it, then run the Flash Uninstaller (google Uninstall Flash) and you should get the KB article from adobe.com that includes the Uninstaller.

Then reinstall Flash.

I can't guarantee that Blink will no longer tell you that you have the vulnerability, but the old versions of Flash will be gone.

You can also use the Personal Software Inspector https://psi.secunia.com (It just scans and reports what versions of programs you have, no AV, no Virus signature files to cause a problem with Blink) and it will tell you what vulnerable versions of programs you have.     

I will agree that many times i have tried to fix "vuneralbilites" even when i have already upgraded BLINK tends to not think they are updated.. I think this occurs from the fact stated above that it requires a full uninstall then re-install of the application. I think when online updates are done the application providers are only (in some case) sending out specific files to lower the ammout of bandwidth and time it takes to update and not removing all the old files needed to pass the BLINK inspection of the appication to determine if it is truly secure and updated to the latest version.

Java is another pain in the butt with updating...and getting BLINK to actually stop talking about it..

The other option is to download and install the new Secunia PSI Beta - that checks all your applications for the latest updates and security patches and gives you most of the proper download links to solve the issues..

I have used the app along side BLINK with no issues as of yet..

This post is almost a year old but in case anyone else searches for a fix to this issue, there are generally two flash player vulnerabilities. So what you want to do is to search on adobe's site, for an older version then the one it says you need to update to. Now it's 10.x.x so you want to go to there site in the search type Flash Player 9. Now you will see a link that will take you to an archive page http://www.adobe.com/support/flashplayer/downloads.html

Once your at this page you download the zip file for the current version of Flash Player, and once it's downloaded open it up and run both the flash player plugin executable and the ActiveX executable. Then the vulnerability will no longer come up on a scan.